Is the public cloud secure enough? 6 trends that put this debate to rest

Southeast Asia’s digital economy was estimated to be worth US$174 billion in 2021 and is on track to hit US$363 billion by 2025, according to the latest eConomy study by Google, Temasek, and Bain & Company. Much of this growth has been driven by businesses shifting from on-premises infrastructure (i.e., purchasing and maintaining their own IT servers and other hardware) to the public cloud.

The business benefits of this shift are clear: increased productivity, enhanced customer experiences, decreased capital expenditure, and reduced time-to-market for new products and services.

Security is, however, another key cloud adoption consideration, especially with Southeast Asia reporting a 600% rise in cybercrime. Security’s paramount importance in the digital economy is underscored by the National Cyber Security Agency of Thailand and the Cyber Security Agency of Singapore recently announcing new initiatives and policy reviews to enhance nationwide cyber resilience. They won’t be the last government agencies in the region to do so.

As the public cloud becomes a driver of digital and economic transformation, this raises the question: Can it be more secure than on-premises infrastructure?

The answer? Yes, but only if organisations keep pace with six megatrends that compound the cloud’s inherent security advantages.

Trend #1: Economies of scale democratise access to advanced cloud security

Public clouds operate at sufficient scale to implement higher levels of security that few organisations can afford to fully construct on their own. Titan security chips in servers and confidential computing nodes, for instance, deliver an unprecedented level of malware resistance and end-to-end data encryption, but their per-unit cost is by no means trivial.

Delivering an advanced level of security by default is cost-efficient for public cloud providers, given the economies of scale and lower per unit cost of deploying these chips and nodes everywhere across planet-scale infrastructure.

Ninja Van, a fast-growing logistics unicorn with operations in Singapore, Malaysia, Indonesia, Thailand, Vietnam, and the Philippines, is an example of a cloud-first organisation that’s benefitting from advanced encryption capabilities that are designed by default into public cloud infrastructure. Ninja Van can therefore invest incrementally in custom configurations or enhanced security features to reinforce its existing zero-trust security model.

The cloud has become the strategic epitome of raising baseline security standards by reducing the cost of deployment – in a way that on-premises infrastructure cannot match.

Trend #2: More skin in the game with a “shared fate” model 

Getting security right can be challenging, and organisations with on-premises infrastructure are fully responsible for building effective security programs on their own.

On the other hand, cloud computing has always been underpinned by “shared responsibility”: Cloud providers are responsible for securing the underlying infrastructure (security of the cloud), while the customer is responsible for secure configuration, data protection, and access permissions (security in the cloud).

But as a flywheel of increasing trust drives more businesses to transition to the cloud, cloud providers are compelled to have more skin in the game.

The result of this is public cloud providers’ full commitment to organisations’ security, as seen in secure-by-default configurations, secure blueprints and policy hierarchies, as well as control assurances in the form of compliance certifications, content audits, regulatory compliance support, configuration transparency for ratings, and risk protection program insurance coverage.

Singapore’s Land Transport Authority (LTA) was looking to better understand commuters’ transportation patterns and gather insights for future planning, while implementing the necessary security measures and control assurances. To adhere to strict data protection and privacy requirements, it turned to cloud-native identity and access management so only authorised staff can access digital household travel survey data, with a built-in audit trail to track all access activity. LTA also leveraged cloud network security to protect its website from common vulnerabilities.

Trend #3: Healthy competition in cloud security

The pace and extent of security feature enhancements are accelerating as global public cloud providers compete to create and implement next-generation security technologies. This not only progressively increases cloud security norms in tandem with business agility and productivity, it outperforms what’s possible with on-premise infrastructure.

We have, for instance, discovered that 86% of compromised servers are now being used to perform cost-intensive cryptocurrency mining. The ability to quickly deliver cloud-native, next-generation detection capabilities for organisations to protect themselves against cryptocurrency mining – as well as data exfiltration and ransomware – then becomes crucial.

Cloud will always lead on-premises environments that have less of a competitive impetus to provide progressively better security. On-premises may never go away completely, but cloud competition drives security innovation in a way that on-premises hasn’t and won’t.

Trend #4: Cloud as the digital immune system

Public cloud providers continuously deliver hundreds of updates, with every security update informed by requests, threats, vulnerabilities, or new attack techniques – whether it’s the growing abuse of servers to generate traffic to YouTube for view count manipulation or state-sponsored cyberattackers posing as talent recruiters in targeted spear-phishing campaigns.

As a result, security improvements are not just specific countermeasures, but enhancements that defeat whole classes of attacks. If you’re a company that doesn’t have a large security team or this level of resources, then an optimal strategy is to embrace the security feature updates that the cloud provides to protect networks, systems, and data. It’s like tapping into a global digital immune system.

Trend #5: Software-defined infrastructure automating security and compliance controls

Another advantage of the cloud over on-premises is its software-defined infrastructure, which can be dynamically configured without companies having to manage hardware or cope with administrative toil.

From a security standpoint, this means that organisations can explicitly define and implement their security or compliance policies as code, and centrally monitor their effectiveness over time.

Compliance policies as code, for instance, can be summarised as an organisation’s ability to automate the verification, remediation, monitoring, and reporting of compliance or non-compliance. For a digital organisation to thrive, it is critical to enforce controls like where it’s acceptable to store specific types of data or which specific users can access that data – and ensuring these are followed at scale.

Bank Rakyat Indonesia, for example, became the first bank in ASEAN to be certified as ISO 27001 – or information security – compliant. Today, it continues to leverage the cloud’s software-defined infrastructure to ensure compliance at scale, as it connects its systems to an ecosystem of more than 70 third-party fintech partners to offer banking services that reach underserved consumer segments.

Trend #6: The growing velocity of software deployment

Lastly, cloud providers automate software deployments and updates with continuous integration/continuous deployment systems. This frequently delivers security enhancements and updates supported by consistent product versions everywhere, thereby achieving reliability at scale while permitting rapid roll-back if needed. This enables organisations to innovate even quicker, with less risk.

Going back to Ninja Van, which releases hundreds of new software features daily – from a chatbot that enhances customer experiences to algorithms for fuel-saving route optimisation. The ability to leverage the cloud’s automated software deployment capabilities – including patch management – not only helps the tech-enabled company stay ahead of potential vulnerabilities, it ensures that Ninja Van’s technology teams can avoid engaging in manual backend configurations to stay laser-focused on innovation.

Propelling security forward, with greater speed, and less cost and effort

These six megatrends reinforce the public cloud’s security advantages over on-premises infrastructure. Forward-looking companies with a cloud-first approach, including those in regulated industries, are already tapping enterprise-grade economies of scale, leveraging next-generation security innovation, developing digital immunity, and benefitting from automated control configurations and deployment velocity – all at a lower cost and with less effort than before.